TorrentLocker Strikes Again Targeting Danish Users

TorrentLocker aka Crypt0l0cker is an infamous ransomware infection that has been around for about 3 years now. It has given birth to several variants and has targeted different countries (e.g., Australia) and regions of the world. This time it seems that Danish computer users are in the crosshairs who can be hit by a new variant of this vicious program. Once this infection manages to sneak onto your system, it encrypts your files, which in turn become unusable and inaccessible; but, this new version has some new features, too. The authors of this dangerous threat use this attack to extort money from you for the decryption key or software. While the earlier variants of this malicious program can be decrypted by using free file recovery tools, it is too early to say that this variant will also have such a tool available in the coming days. Obviously, malware experts are working on this issue to solve it. Until then though, you are left with no choice but to remove TorrentLocker Ransomware from your computer. Paying the ransom is not advisable since this would be tantamount to supporting cybercrime. Still, it is your call to make, of course. But before you rush to a decision, let us share with you what else we have found out about this dangerous program.

This new variant of TorrentLocker Ransomware has hit Danish computer users in two waves of spamming campaigns. Such a spam usually contains an image, a video, or even a .zip archive. But this time it seems that this infection is spread by a malicious Microsoft Word document posing as an alleged urgent or unpaid invoice. Obviously, a text file alone would not be dangerous or capable of initiating an attack. This Word document, on the other hand, has a macro code that needs to be allowed by the victim to be active or enabled. That is the moment of infection really as the ransomware is downloaded in the background in no time and its dirty job starts up behind the scenes, without your knowledge. It is possible that the e-mail body of such a spam contains a Dropboxusercontent URL that, when clicked, downloads the malicious executable or this document with the malicious code.

In any case, it is of utmost importance when it comes to ransomware infections that you become ever more cautious around your e-mails. You should take it seriously to always check not only the name of the sender but the e-mail address as well. Criminals may use existing names and addresses to make such a spam look more authentic. So when you run a web search, you would find that this is a real person, from a real company. But, of course, most of the times these pairs can be made-up so a web search would be of great help to figure out about the reliability of the mail in question. But even if you open such an e-mail, you should be very careful clicking on links and opening attached files unless you are perfectly certain that you were meant to receive those files. Also, when you open a Word document that requires you to enable macros, it is essential that you make sure that this document is a legitimate one. Because the moment you run the macro would be the last you can use your files on your system. Deleting TorrentLocker Ransomware afterwards will not recover your files from the encryption. This is exactly why we always emphasize the need for proper prevention. If your system is not protected by professional anti-malware software, this may be the right time to consider installing one.

As we have already mentioned, this new variant of TorrentLocker Ransomware targets Denmark. However, unlike earlier versions, this vicious program does not "only" encrypt your important personal files, including your photos, videos, documents, and archives, but it can also steal user names and passwords from your computer as an upgrade. It is also possible that this infection may spread to other computers through shared files. After the damage is done, you are informed to send a certain amount of Bitcoins to a given wallet address. Although we have no information as yet regarding the exact amount, based on our experience with this malware, it could be as mush as 500 to 1,000 US dollars worth of Bitcoins. Obviously, this may change according to the location of the victims.

You should be aware that it is always risky to pay criminals or even to contact them via e-mail. It is a possibility that they will send further infections onto your system and you would never be able to decrypt your files in this way anyway. If you get lucky, you may find a free file recovery tool on the web soon. But, if you are not an advanced computer user, you should ask someone else to help you out with that before you let more infections into your virtual world. Such a malicious attack always reminds us of the importance of making regular backups on removable media. If you do not want to or cannot remove TorrentLocker Ransomware or any other possible threats from your PC, we suggest that you invest a few bucks in a reputable anti-malware program, such as SpyHunter and see how this can save you more than you would think. Even if this time users get lucky and this new variant will be cracked, you should keep your guards up because TorrentLocker Ransomware is known to disappear and reemerge from time to time to hit harder again.